
Network security operation and maintenance management method and device, computing equipment and storage medium

A network security operation and maintenance management technology, applied in the field of network security, that addresses problems such as information leakage, the absence of security operation processing for network attacks, and equipment terminals that cannot work normally, achieving convenient processing and the realization of operation and maintenance management.

Pending Publication Date: 2021-07-16
苏州三六零智能安全科技有限公司

AI Technical Summary

Problems solved by technology

[0002] Network security can guarantee the security of equipment terminals used by users on the network. When the network is attacked or threat information is received, the security of users' personal information and enterprise information is affected, resulting in problems such as information leakage and equipment terminals not working properly.
[0003] Existing technologies can detect network security issues, but after detecting network attacks they often fail to carry out effective security operation processing for the detected attacks.


Examples


Embodiment approach 1

[0031] Embodiment 1: Identification is performed on multiple pieces of threat intelligence to obtain the alarm information corresponding to the same attack node. For any attack node, the threat intelligence corresponding to that node is aggregated to generate the alarm information for the node. In this implementation, the threat intelligence corresponding to the same attack node is aggregated directly into the alarm information of one event, so that the alarm information of one event corresponds to one attack node. The alarm information of the attack node can then be obtained through this event in a comprehensive and customized manner, which is conducive to special processing for each attack node. In the actual implementation process, an attack node can correspond to one or more identification rules. When an attack node corresponds to one identification rule, the corresponding attack node can be determined by matching the threat intelligence with the identification rule; when an attac...

Embodiment approach 2

[0032] Embodiment 2: Identification is performed on multiple pieces of threat intelligence to obtain the threat events corresponding to the same attack node. A plurality of associated attack nodes is obtained, and the threat events corresponding to those attack nodes are aggregated. The multiple associated attack nodes correspond to the same attack scenario; that is, in this embodiment the threat events corresponding to the same attack scenario are aggregated. This implementation can fully reflect the attack characteristics of the attack scenario and facilitates specialized analysis and processing of different attack scenarios. In the specific implementation process, the attack nodes involved in different attack scenarios can be determined in advance. For example, attack scenario P targeting the terminal USER1 usually involves an early high-risk port scanning node (attack node A), a mid-term high-risk port attack node (attack node B), and later log clean...
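The two aggregation steps in Embodiments 1 and 2 can be sketched as follows. This is an added example, not code from the patent: the signature strings, the record fields, node X, keying alarms by target terminal, and the `complete` flag are all assumptions, and scenario P lists only nodes A and B because the third node is cut off on the page.

```python
from collections import defaultdict

# Identification rules: attack node -> signatures that identify it.
# Nodes A/B follow the page's scenario P; signature strings are assumed.
RULES = {
    "A": {"high_risk_port_scan"},
    "B": {"high_risk_port_attack", "high_risk_port_exploit"},  # several rules, one node
    "X": {"phishing_mail"},  # hypothetical node outside scenario P
}
# Pre-determined scenario membership (third node is truncated on the page, so omitted).
SCENARIOS = {"P": ["A", "B"]}

# Constructed threat intelligence records.
INTEL = [
    {"id": 1, "target": "USER1", "sig": "high_risk_port_scan"},
    {"id": 2, "target": "USER1", "sig": "high_risk_port_scan"},
    {"id": 3, "target": "USER1", "sig": "high_risk_port_attack"},
    {"id": 4, "target": "USER2", "sig": "phishing_mail"},
    {"id": 5, "target": "USER1", "sig": "unknown_noise"},
]

def identify(record):
    """Return the attack node whose rule matches the record, or None."""
    for node, sigs in RULES.items():
        if record["sig"] in sigs:
            return node
    return None

def aggregate_by_node(intel):
    """Embodiment 1: one alarm per (target, attack node)."""
    alarms = defaultdict(list)
    for rec in intel:
        node = identify(rec)
        if node is not None:  # intelligence matching no rule raises no alarm
            alarms[(rec["target"], node)].append(rec["id"])
    return dict(alarms)

def aggregate_by_scenario(alarms):
    """Embodiment 2: merge node alarms whose nodes share a scenario."""
    events = {}
    for name, nodes in SCENARIOS.items():
        for target in sorted({t for t, _ in alarms}):
            hit = {n: alarms[(target, n)] for n in nodes if (target, n) in alarms}
            if hit:
                events[(name, target)] = {
                    "nodes": hit, "complete": len(hit) == len(nodes)}
    return events

if __name__ == "__main__":
    node_alarms = aggregate_by_node(INTEL)
    print(node_alarms)
    print(aggregate_by_scenario(node_alarms))
```

A scenario event with `complete` set to false means only some of the scenario's nodes have been observed for that terminal so far.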


Abstract

The invention discloses a network security operation and maintenance management method and device, computing equipment and a computer storage medium. The method comprises the steps of: detecting a network in real time and obtaining at least one piece of alarm information generated during detection; generating an alarm work order list page containing the at least one piece of alarm information for a user to view; and receiving an alarm processing operation, triggered by the user on the alarm work order list page, for any piece of alarm information, and starting an alarm processing monitoring flow for that alarm information. The alarm information acquired by real-time detection of the network is managed, and an alarm work order list page for viewing it is provided to the user, so that the user can process the alarm information conveniently and intuitively. The user's operations on the alarm information are monitored; starting the alarm processing monitoring flow makes the alarm information easy to track, and complete operation and maintenance management of the network is realized.

Description

Technical field

[0001] The invention relates to the field of network security, in particular to a network security operation and maintenance management method and device.

Background technique

[0002] Network security can guarantee the security of equipment terminals used by users on the network. When the network is attacked or threat information is received, the security of users' personal information and enterprise information is affected, resulting in problems such as information leakage and equipment terminals not working properly.

[0003] Existing technologies can detect network security issues, but after detecting a network attack they often fail to perform effective security operation processing on the detected attack.

Contents of the invention

[0004] In view of the above problems, the present invention is proposed to provide a network security operation and maintenance management method, device, computing device, and computer storage medium that overcome the ab...


Application Information

IPC(8): G06F21/55
CPC: G06F21/552
Inventor 张睿叶若曦朱灿王禹李斌毛斯琪肖瑞
Owner 苏州三六零智能安全科技有限公司